Blog   Tagged ‘security’

Phishing Alert and “Heartbleed” security issue

  |  Posted by

Did “Heartbleed” affect UMB?

“Heartbleed” is a bug that has affected many popular websites and “could have quietly exposed your sensitive account information (such as passwords and credit card numbers) over the past two years,” according to Mashable.com.‡

None of UMB’s computer systems were impacted by the Heartbleed bug.

As soon as these hackers were exposed, UMB took immediate action. We were able to find that none of our banks were vulnerable to this issue. We also added specific, proactive monitoring. Although UMB was not affected by the issue, our customers do need to be cautious since the bug could still harm you through other websites where you saved your card numbers or used the same password you use for online banking.

What action do customers need to take?

  • Change your passwords – If you utilize the same password for your online banking services that you utilize on other sites, we strongly recommend that you change the password for your online banking services immediately, in case your username or password were compromised on another site.
  • As always – use different passwords for all online services which contain personal or financial information.
  • To find out if other password-protected sites you use were compromised, we recommend contacting those website providers directly. They may advise to wait to change your passwords until they have installed the latest fixes to this Heartbleed bug, but the only way to know for sure is to receive information from those specific sites.
  • If you run a website and need advice on how to protect it, we recommend visiting Heartbleed.com.‡

Phishing Alert

phishing scam

Some of our customers may have received text messages yesterday or today that we identified as a phishing attempt. The message states that there has been a security breach and gives a number to call. If you call the number, it will ask you for your credit card number or account information. Do not respond to this request for information.

What you need to know:

  • UMB will NEVER contact you via text, email or phone for the purpose of requesting any kind of personal or bank information.
  • Phishing scams are common. These attacks use e-mail or malicious websites to solicit personal, often financial, information. Attackers may send e-mail seemingly from a reputable credit card company or financial institution that requests account information, often suggesting that there is a problem. When users respond with the requested information, attackers can use it to gain access to the accounts.
  • Check out some more Security FAQs from our security experts.

What you need to do:

  • Never respond to suspicious messages or click on suspicious links.
  • Check with your financial institutions before sharing any type of private or financial information.
  • Remember to use online and mobile banking. Why?
    • Secure (protected by multiple layers of security)
    • Saves time – quick access from any computer anywhere
    • Hinders identity theft – if you check your accounts frequently, potential fraud is discovered early.
  • Already a mobile banking user? Here are some tips:
    • Save UMB’s short code (50106) in your address book as a Contact, so that when you receive a Text/SMS message from us, you will know immediately that UMB has sent you a communication.
    • Make sure you know who has sent you any message – if in doubt, delete it.
    • Never click on any links if you are not sure of the sender.
    • Never send any confidential information to anyone – the bank will never ask you to “go here and fill in this information” or “please send us this information.”
    • The bank will also never ask you to respond with your password unless you are signing into one of our applications.
    • Never respond to a request for your password and alert us immediately should you receive a message requesting your password or any other confidential information at 888-782-4325. You may contact us Monday through Friday, 8 a.m. to 10 p.m. or on Saturday from 8 a.m. to 5 p.m.
Continue Reading

When you click links marked with the “‡” symbol, you will leave UMB’s website and go to websites that are not controlled by or affiliated with UMB. We have provided these links for your convenience. However, we do not endorse or guarantee any products or services you may view on other sites. Other websites may not follow the same privacy policies and security procedures that UMB does, so please review their policies and procedures carefully.


UMB Financial Corporation (Nasdaq: UMBF) is a financial services holding company headquartered in Kansas City, Mo., offering complete banking, payment solutions, asset servicing and institutional investment management to customers. UMB operates banking and wealth management centers throughout Missouri, Illinois, Colorado, Kansas, Oklahoma, Nebraska and Arizona. It also has a loan production office in Texas. Subsidiaries of the holding company include mutual fund and alternative investment services groups, single-purpose companies that deal with brokerage services and insurance, and a registered investment advisor that manages the company's proprietary mutual funds and investment advisory accounts for institutional customers.

Leave a Comment

Tagged: , , , , ,

Target Credit/Debit Card Security Breach

  |  Posted by

You may have seen the recent news that Target experienced a breach in electronic security‡ with their customers’ debit and credit cards. While UMB has security protocols in place, we ask that you remain vigilant as well. You can use our online or mobile banking options to check balances and transaction history 24/7. If you see any suspicious activity on your account, please contact our customer service associates as soon as possible. That number is 800.821.5184.

Credit card

Continue Reading

When you click links marked with the “‡” symbol, you will leave UMB’s website and go to websites that are not controlled by or affiliated with UMB. We have provided these links for your convenience. However, we do not endorse or guarantee any products or services you may view on other sites. Other websites may not follow the same privacy policies and security procedures that UMB does, so please review their policies and procedures carefully.


UMB Financial Corporation (Nasdaq: UMBF) is a financial services holding company headquartered in Kansas City, Mo., offering complete banking, payment solutions, asset servicing and institutional investment management to customers. UMB operates banking and wealth management centers throughout Missouri, Illinois, Colorado, Kansas, Oklahoma, Nebraska and Arizona. It also has a loan production office in Texas. Subsidiaries of the holding company include mutual fund and alternative investment services groups, single-purpose companies that deal with brokerage services and insurance, and a registered investment advisor that manages the company's proprietary mutual funds and investment advisory accounts for institutional customers.

Leave a Comment

Tagged: , , , , , ,

Wait a minute…who’s been sending emails from my account?

  |  Posted by

Did you know every day thousands of webmail accounts (Gmail, Yahoo, AOL, etc.) are taken over by cyber criminals? Compromised webmail can be used to make purchases, transfer money from bank accounts or even trick friends and family into giving out information that allows access to their webmail – in a matter of minutes.

Take time to do a few simple things to ensure your webmail accounts are as secure as possible:

Continue Reading

Passwords

Weak passwords can be easily hacked and used to access your account.

  • Avoid using the same password on numerous accounts. This may make your email vulnerable if another site is compromised.
  • Change your password often.
  • Use strong passwords. For example, think of a special phrase and use the first letter of each word as your password. For more tips, visit OnGuardOnline.gov

Security Questions

Even a strong password can be compromised if security questions are easy to guess.

  • Make sure answers can’t be researched on social media sites.
  • Pick a question that only you know the answer to.
  • Choose the custom security question option if available.

Phishing Email

Phishing scams use a convincing message to trick you into clicking a link, downloading attachments or other “bait” that can be used to log your online activity, give a cyber criminal control of your computer or even direct you to a phony website where you’re asked to enter your username and password. All of these can be used to commit online crimes. To avoid phishing scams:

  • Look for misspellings or grammatical errors.
  • Question suspicious email; don’t click questionable links or download attachments that appear out of the ordinary, even if from a friend or company you’re familiar with.
  • If you aren’t sure, OnGuardOnline.gov provides help for identifying phishing scams.

Review Account(s)

The best protection against cyber crime is staying alert.

  • Check sent, trash, and other folders for suspicious incoming or outgoing mail.
  • Check advanced account options for changes you didn’t make. Your email may be forwarded to someone else and you didn’t even know it.
  • Investigate security options offered by your provider like notices for suspicious log-in attempts or two-step verification using a code that’s texted to your phone.
  • Regularly review financial accounts associated with your email address for suspicious activity.
  • Contact your bank and all other financial institutions immediately if you think your email has been compromised.

Don’t fall victim to cyber crime. Take time to secure your webmail accounts and encourage friends and family to do the same.


Ms. Matheys serves as vice president and information security and privacy officer, providing oversight of UMB’s formal information security and privacy programs. She joined UMB in 2010. She attended Kansas State University with a focus on management information systems and is a Certified Information Security Manager (CISM) as well as Certified Information Systems Auditor (CISA).

Read One Comment

Tagged: , , , , , , , , , , , , , , , , , , , , , , , ,

Why can’t I save my online banking password?

  |  Posted by

You might be wondering why you saw this notice below the UMB online banking account sign in.

Login Panel Medium

Continue Reading

We promise we’re not trying to make your life harder by doing this. We know it’s not easy to remember all the passwords you use online these days, so you might see this as a hassle. But we try to do everything we can to make sure your information is secure … and remains secure. Privacy and information security are extremely important to us at UMB and we take it very seriously.

Identity thieves are usually looking for stored information that they can turn into a profit by selling it on the black market. Online banking information like your password and the site you use to access your accounts are valuable to people who make money from stealing and selling personal information. We’ve disabled the ability to save your online banking password on umb.com because otherwise identity thieves have a greater opportunity to steal your data and money.

For example, if your laptop is stolen and you don’t have it password-protected, the thief can easily login to your bank account if it automatically pulls your login information. Then this person has access to everything they need to steal your money. If you log in to your online bank account from a shared or public system, the next person that uses the computer could access your account. All it takes is a few clicks and they’ve used your money to buy a new flat screen TV or book a trip to Italy. It’s kind of like when you accidentally leave your laptop sitting out and you’re still logged in to Facebook, and then your roommate comes along and posts an embarrassing status update as you. Only it’s not your Facebook page, it’s your hard-earned money at stake.

Ultimately, we want what’s best for our customers even if it isn’t always the most convenient option. The privacy and the security of your information is our priority.


Mr. Jackson serves as senior vice president, chief technology officer in Financial Services and Support. He is responsible for the application development, infrastructure and information security functions within the UMB Management Information Systems (MIS) group. He joined UMB in 2009 with more than 20 years of experience working in the technology industry, including technology leadership roles. He earned a Bachelor of Science in education and a Master of Arts in history from Pittsburg State University and served in the U.S. Air Force for four years.

Read One Comment

Tagged: , , , , , , ,

We regret to inform you that your account has been compromised…now what?

  |  Posted by

You can do everything right to secure your personal information, but your credit or debit card information can still be compromised. Unfortunately, retailers and restaurants can be victims of hackers just like individuals can. Except when an identity thief breaches a retailer’s point of sale (POS) system, more than one person is affected. The company’s system can hold hundreds, if not thousands, of card numbers and key card security details including card verification value (CVV) codes.

CVV Code

 

Exact location of the CVV number varies among the card brands. Consult your card’s instructions for the location of your card’s CVV code.

Continue Reading

 

 

Throughout a given year, you have a chance of having your information stolen in one of these security breaches. Reportedly 44.8 million records were breached in 2012. Companies continue to ramp up security measures and while they do a good job, the hackers find points of vulnerability and use malware to pull the credit/debit card information.

Fast food restaurants and small business systems are the most targeted. The high level of transactions makes fast food restaurants a prime target. Small businesses are usually targeted because they don’t always have the same robust security resources as bigger companies, but even large national retail chains can be a victim of these security issues.

When there is a security compromise at retailer or restaurant, it should not end up costing you any money. Your bank should take care of everything, from issuing you a new card and personal identification number (PIN) to recovering any lost funds.

Smart ChipThe current risk environment will not notably change until smart cards (also known as chip cards) are rolled out universally in the U.S. We should see this by the end of 2015. The chip card is different from the card with the magnetic stripe because there is a small microchip in the card with a dynamic security code continually changing, making it extremely difficult to counterfeit.

As a consumer, you have little control over these external events, but this shouldn’t stop you from using your credit/debit cards. You can help protect yourself, by regularly checking your online bank statements and taking advantage of any fraud alerts through SMS texting and emails offered by your bank. At the very least, check your paper statements each month for any suspicious activity. If you regularly monitor your accounts, you will be able to spot fraudulent activity and your bank can quickly fix the issue.

 

When you click links marked with the “‡” symbol, you will leave UMB’s website and go to websites that are not controlled by or affiliated with UMB. We have provided these links for your convenience. However, we do not endorse or guarantee any products or services you may view on other sites. Other websites may not follow the same privacy policies and security procedures that UMB does, so please review their policies and procedures carefully.


Mr. Hanson serves as vice president and fraud manager in Card Operations. He is responsible for providing fraud detections, prevention, and investigation services to UMB’s credit and debit card customers. He joined UMB in 2010 with more than 15 years of credit card fraud prevention experiences. He earned a Bachelor of Science in political science from the University of Utah in Salt Lake City, Utah and a Master of Arts in national security affairs from the Naval Post-Graduate School in Monterey, Calif.

Read One Comment

Tagged: , , , , , , , , , , , , , , , ,